You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@geode.apache.org by "ASF subversion and git services (JIRA)" <ji...@apache.org> on 2018/03/30 18:14:00 UTC

[jira] [Commented] (GEODE-3563) SSL socket handling problems in TCPConduit run

    [ https://issues.apache.org/jira/browse/GEODE-3563?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16420794#comment-16420794 ] 

ASF subversion and git services commented on GEODE-3563:
--------------------------------------------------------

Commit b55215dcb64c86554d531b0b475e85f013e76fc6 in geode's branch refs/heads/develop from [~gosullivan]
[ https://gitbox.apache.org/repos/asf?p=geode.git;h=b55215d ]

GEODE-3563: use a timeout for newly created sockets in TcpConduit.run() (#1671)

* GEODE-3563: use a timeout in SocketCreator.ConfigureServerSSLSocket()

Also close newly accepted sockets in TcpConduit.run() if SSL
configuration fails (or any other IOException).

* Add units.

* Rename to startHandshakeIfSocketIsSSL for clarity.


> SSL socket handling problems in TCPConduit run
> ----------------------------------------------
>
>                 Key: GEODE-3563
>                 URL: https://issues.apache.org/jira/browse/GEODE-3563
>             Project: Geode
>          Issue Type: Bug
>          Components: messaging
>            Reporter: Vahram Aharonyan
>            Assignee: Galen O'Sullivan
>            Priority: Critical
>              Labels: pull-request-available
>          Time Spent: 1h 20m
>  Remaining Estimate: 0h
>
> Here are two cases that seems to problematic in TCPConduit.run flow:
> 1. TCPConduit.run() has no action performed for the case when SSLException is thrown from sslSocket.startHandshake(), as a result the socket remains open. 
> Catch block from the end of  configureServerSSLSocket() will just report a fatal error(even it seem that this portion is going to be removed in 1.2.1 according to GEODE-3393) and re-throw the exception.
> 2. configureServerSSLSocket call is performed without setting socket timeout before that. This can bring to run thread blocking case if read initiated from the SSL handshake flow will not return. Linking to similar issues observed with other acceptors previously: GEODE-2898, GEODE-3023.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)